From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mentalic To: development@lists.ipfire.org Subject: RE: IPFire meets Suricata - Call for tester Date: Thu, 14 Feb 2019 18:03:01 -0600 Message-ID: <003b01d4c4c1$d13ec0f0$73bc42d0$@net> In-Reply-To: <1258fb12b260c7b89d88c6eb68e25102aea55cb9.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4239343663383523901==" List-Id: --===============4239343663383523901== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reinstalled, IPS ran until I poked a few rule sets active then it blocked all= red regardless if I unchecked the rules. Un-checking IPS box's no good, had = to reboot. IPS service listings under Status>services never go green. Regards Wayne -----Original Message----- From: Mentalic [mailto:mentalic(a)cox.net]=20 Sent: Thursday, February 14, 2019 5:37 PM To: 'Stefan Schantl'; 'development(a)lists.ipfire.org' Subject: RE: IPFire meets Suricata - Call for tester Used the download image link and loaded on my test box, noticed a few issues = with it. =20 -When Intrusion monitoring is enabled on red interface all traffic to red sto= ps with empty IDS log. -Intrusion detection Seems to be limited to one rules list source at a time. = Maybe feature of Suricata? -Under "status" tab, any graphic trend display fails to load with "contains e= rrors" Regards Wayne -----Original Message----- From: Development [mailto:development-bounces(a)lists.ipfire.org] On Behalf O= f Stefan Schantl Sent: Thursday, February 14, 2019 8:29 AM To: development(a)lists.ipfire.org Subject: Re: IPFire meets Suricata - Call for tester Hello list, suricata development goes on, so I'm happy to announce the first release cand= idate on this list. The biggest difference to any previous versions is, this time an update tarba= ll for any IPFire installations is available. So anybody now easily can downl= oad and install it on an existing system without doing a fresh installation. The tarball (currently only x86_64) can be grabbed from here: https://people.ipfire.org/~stevee/suricata/ To start testing download the tarball and place it on your IPFire system. Ext= ract the tarball and launch the install (install.sh) script. During installation snort will be stopped (if running), new files will be pla= ced on the system, your taken snort settings will be converted to get used by= suricata and finally suricata will be started (if snort was used before) to = start protecting the configured networks. If you prefer a fresh installation, the latest image can be grabbed from here: https://nightly.ipfire.org/next-suricata/latest/x86_64/ Direct link for downloading the ISO image: https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-ful= l-core128.iso Thanks for downloading and testing. There are no known bugs so far, as usual = please file any bugs to our bugtracker ( https://bugzilla.ipfire.org) and share your feedback on the list. Best regards, -Stefan --===============4239343663383523901==--